<?php
#基础函数
include_once('_path.php');
include_once("../includes/init.php");

#获取页面变量
$action = trim($_GET['action']);
$id = trim($_REQUEST['id']) + 0;
	$quote['id'] = string_sql($id);
        
if ($id > 0) {
	$sql = "SELECT * FROM members_file WHERE id=$id";
	$_file = $database->queryFirst($sql);
	if (!$_file['id']) {
		$_REQUEST['referrer'] = "index.php";
		redirect("记录不存在!");
	}
}
#如果是添加操作
if ($action == "file.do") {
    $uid = trim($_REQUEST['uid']) + 0;
    $filename = trim($_REQUEST['filename']);$quote['filename'] = string_sql($filename);
    $fname = basename($_FILES['file']['name']);
    $ext = get_ext($fname);
    @move_uploaded_file($_FILES['file']['tmp_name'], _CONST_UPLOAD_PATH.md5($fname).".".$ext);
    $quote['file'] = string_sql(md5($fname).".".$ext);
    $sql = "INSERT INTO members_file (uid, filename, file, dateline) VALUES (".$uid.", ".$quote['filename'].", ".$quote['file'].", ".string_sql(time()).");";
    $database->execute($sql);
    $_REQUEST['referrer'] = "index.php?uid=".$uid;
    redirect("文件上传成功!");
#如果是下载
} else if ($action == "down.do" && $id > 0) {
#下载
download(_CONST_UPLOAD_PATH, $_file['file']);
exit;
#如果是删除操作
} else if ($action == "delete.do" && $id > 0) {
	$database->execute("DELETE FROM members_file WHERE id = ".$quote['id'].";");
        #删除物理文件
        @unlink(_CONST_UPLOAD_PATH.$_file['file']);
        $_REQUEST['referrer'] = "index.php?uid=".$_file['uid'];
        redirect("删除文件成功!");
}